← Volver a CVEs
CVE-2021-36958
HIGH7.8
Descripcion
<p>A remote code execution vulnerability exists when the Windows Print Spooler service improperly performs privileged file operations. An attacker who successfully exploited this vulnerability could run arbitrary code with SYSTEM privileges. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.</p>
Detalles CVE
Puntuacion CVSS v3.17.8
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioREQUIRED
Publicado8/12/2021
Ultima modificacion2/24/2026
Fuentenvd
Avistamientos honeypot0
Productos afectados
microsoft:windows
Referencias
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36958(secure@microsoft.com)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36958(af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/131152(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.